New Back Door worm-type Threat Found on Apache Tomcat running Servers - BestCyberNews: Online News Presenter in the present world

BestCyberNews: Online News Presenter in the present world

Start knowing

test banner

Breaking

New Back Door worm-type Threat Found on Apache Tomcat running Servers

Symantec has discovered a new back door worm-type threat on Apache Tomcat running servers.This threat should be little different from the ones we usually encounter every day.


Back door type Trojan horses and worms let attackers execute various commands on compromised computers and essentially enable the attacker to control a computer remotely, then important information can be stolen from the user and their computer could be used to attack other victims.

The attack only targets personal computers, such as desktops and laptops, but unfortunately that is not true, servers can also be attacked. Trojans that are written in PHP, such as PHP.Backdoor.Trojan. This time around though, Symantec has found a back door worm that acts as a Java Servlet. We have named it Java.Tomdep.


The Java Servlet is executed on Apache Tomcat, but it does not create a Web page and instead behaves as an IRC bot. It connects to an IRC server and performs commands sent from the attacker. End users who visit Web pages from the compromised Tomcat server are not affected by this threat.

If we try in another Tomcat server, it first attempts to log in with the pairs of weak usernames and passwords


It deploys itself to the found Tomcat server:
To avoid this threat ensure that your server and AV products are fully patched and updated. We recommend that you use strong passwords and do not open the management port to public access.

1 comment:

  1. Dear All,
    We are going to introduce you a new and exciting world of social network.
    FUNBOOK
    Join now for free and be a part of this fast growing online social community. Enjoy the new features at one place.
    Click Here to Join
    or
    feel free to contact us HERE
    Your precious feedback is highly appreciated
    Best of Luck

    ReplyDelete